Digital Security Foundation (DSF) Privacy Notice 

*Last Updated: [22-04-2025]

1. Scope & Purpose

This notice explains how DSF collects, uses, and protects personal data in compliance with:  

• India’s Digital Personal Data Protection Act (DPDP) 2023
• Global best practices for nonprofit data governance  

 Applicability: Covers data processed via:  

• Event registrations (e.g., CISO Roundtable)
• Cybersecurity training programs
• Donations/volunteer applications  

2. Data We Collect

Directly Provided Data

• Professional Identity:Name, company, job title, work email, phone
• Engagement Data:Event preferences, workshop attendance records
• Payment Details:Only for paid programs (encrypted via Razorpay/PCI-DSS partners)*  

Automatically Collected Data

• Website Analytics:Anonymous IP, browser type (via self-hosted Matomo)
• Cookie Preferences:Strictly optional (manage via [DSF Cookie Dashboard]) 

3. How We Use Data

Purpose

• Event access & networking facilitation
• Cybersecurity threat alerts
• Donation receipts & tax compliance
• Research on cyber awareness trends

Legal Basis

• Explicit consent (DPDP Sec. 4)
• Legitimate interest (DPDP Sec. 7a)
• Legal obligation (Income Tax Act)
• Anonymized aggregation only

4. Data Sharing

DSF never sells data. Limited sharing occurs with:

• Sponsors – Only if attendees opt-in during registration
• Government Partners – For national cyber welfare programs (DPDP-authorized)
• Service Providers – Encrypted cloud storage (AWS Mumbai region)

5. Contact

Data Protection Officer 

📧 dpo@digitalsecurityfoundation.org  

📍 #630, DHI Innovation Park, Arekere, Bannerghatta Main Road, Bengaluru-560076